The full Yaler relay source code as it is running on our servers is now available at the project repository. The source code is licensed under GNU AGPLv3. We hope that this strengthens trust in our hosted service and thus results in an advantage for you and your customers.

A set of sensors detect ambient levels of alcohol, methane, carbon monoxide and barometric pressure and stream them back to the control centre. For its maiden voyage, the vehicle [explored] the atmosphere of Newcastle's The Late Shows within the Baltic art gallery streaming its findings, live, to Baltic 39 on the other side of the river.

Building the Web of Things is a hands-on guide that teaches how to design and implement scalable, flexible, and industry-ready IoT solutions on the Web. This practical book will show you how to connect various devices to the Web and how to expose their services and data over REST APIs.

Examples are based on Node.js and Raspberry Pi. The book also mentions Yaler:

Once the development and testing phase of your WoT Pi is finished, you’ll likely want to make it accessible over the web with its own public domain; for example, mypi.webofthings.io. To do this, you could use Yaler, which is a great service ... to securely access your embedded devices through your firewall

Thanks for recommending us. Glad to be a building block for the Web of Things.

How might people, whose work often keeps them away from home, remain part of key aspects of domestic life? This is the driving question behind Family Rituals 2.0, a multidisciplinary research project exploring family life in the digital age.

The design research collaboration between the Royal College of Art and Newcastle University led to a number of "ritual machines", connecting workers to their loved ones. Three of the prototypes use Yaler, according to David Chatting, investigative designer and research associate at Newcastle University's OpenLab.

Machine #1 enables having a drink together while apart by connecting a smart beer opener with a wine dispenser at home. Machine #2, a beautifully designed flip-flop display, enables anticipation of time together. And Machine #3 translates the stop-and-go of your daily commute into the movement of a Roomba at home.

The machines, bespoke designs that individual families have lived with, have been exhibited at the Royal College of Art during the London Design Festival. To learn more about future development and exhibitions, follow @Family_Rituals.

In addition to our on demand subscriptions, Yaler now also offers a hosted service on dedicated relay instances. While the price of the on demand service is based on a mixed load profile, a fixed yearly fee per relay instance allows you to max out the number of devices connected to a dedicated instance. Depending on the load profile this can lead to a substantial reduction of your cost per relay domain.

A dedicated instance also offers more choice when it comes to the relay region and relay host name. This provides you with additional flexibility on your path from the first prototype to a future proof and reliable connected product.

The Yaler relay service supports SSL/TLS encryption since day one. An embedded device publishes itself over a secure connection to the relay, where a client then can access it over HTTPS. So far, connections have been secured point-to-point. Both, the device and client side, receive the relay server's SSL certificate.

Today we announce a second option: end-to-end encryption, from the client to the device. Based on SNI, an extension of TLS that allows a server to return a specific certificate for each subdomain, the client now gets the SSL server certificate stored on the device. The relay can no longer see unencrypted traffic, not even in theory.

The integration of Yaler.net, a cloud-based connectivity service, enabled a secure ad-hoc connection for data streaming, without the hassle of port forwarding.

We're glad Yaler can serve as a building block for such an innovative project.

http://blog.yaler.net/2014-01-20/building-a-home-security-system.html2014-01-20T00:00:00Z2014-01-20T00:00:00ZBuilding a Home Security System

Bill Pretty, who specializes in security, wrote a detailed project account on Building a Home Security System with BeagleBone. The book includes a compact overview of the components, wiring and secure implementation of a DIY Internet-connected intrusion alarm, and features a chapter on our relay service:

Under normal circumstances, your firewall or mobile router blocks the access to your alarm system. In this case, Yaler acts as a secure "man in the middle", who handles two-way communication between your web client and your alarm system.

The proposed architecture is based on the Aizo digitalSTROM home automation system. The YalerTunnel command line tool was used to enable secure access to the dSS, an in-house embedded Linux server. The digitalSTROM Hub, acting as glue logic in the cloud, gets weather events from MeteoSchweiz, processes them, and if necessary alarms individual homes via the Yaler relay.

Getting started with connected products can be a bit of a challenge for companies, even those already dealing with hard- and software. What does being connected to the Internet mean for your products? Which new services become possible? How do other connected products and the Internet of Things work end-to-end? To help companies figure all this out, we offer a number of specifically tailored workshops.

You might have noticed that changing your account password now requires you to re-enter your old one. This helps to prevent cross-site request forgey. CSRF attacks are possible because Javascript code is allowed to post an HTML form to sites of a different origin without violating the browser's same origin policy. If you are signed in, the browser happily adds a valid authentication cookie of the targeted site to the malicious post request. All this was pointed out to us during a security review of the Yaler relay and Web site. Of course, Yaler.net is not Facebook and the chances of such an attack are rather small. Still, we immediately fixed the vulnerability to keep access to your data and devices as safe as possible.

Christine Perey, who founded Mobile Monday Switzerland, has started an Internet of Things meetup group in Zürich, IoT ZH. The first event was held in the context of MoMo in Bern and featured presentations by AutoID Labs, Swisscom, Ericsson, SilentSoft and Koubachi. This week's meetup in Zürich took place at ETH, and we were invited to give a presentation alongside Cuno Pfister, our boss at Oberon, and Simon Mayer of the Distributed Systems Group at ETH. With over forty attendees the turnout was quite nice for an informal meetup. We met old friends from various corners, made new contacts and had a good time. If you happen to be in the region make sure to sign up for future events – we'll definitely be there again.

http://blog.yaler.net/2011-12-25/yaler-v20-released.html2011-12-25T00:00:00Z2011-12-25T00:00:00ZYaler v2.0 Released

The full source code of Yaler as it is running on our servers is now available at the project repository. In addition to the high performance of the previously published version the new code supports clustering multiple relay instances which is essential for scalability and high availability. Note, that the current license only permits non-commerical use; however, we hope that this level of transparency strengthens trust in our hosted service and thus results in an advantage for you and your customers.

http://blog.yaler.net/2011-12-02/web-of-things.html2011-12-02T00:00:00Z2011-12-02T00:00:00ZWeb of Things

Vlad Trifa and Dom Guinard both recently finished their PhD. Their work at ETH Zürich, SAP Research and MIT helped to establish the Web of Things (WoT) as a proper field of research. We are honored that both reference Yaler in their theses.

...This issue is not inherent to RFID readers but is a general issue when deploying WoT systems in the real-world and in particular in corporate environments.

A common practical solution to these problems is the use of the Reverse HTTP protocol where a service on the Internet acts as a public proxy for devices behind firewalls and/or NATs on a private network...

...As an example, the open-source Yaler project is providing a service implementing the Reverse HTTP protocol.

Even though push solutions are known as more reactive, but less scalable, recent work has shown that Web push notifications on embedded devices are not only possible (for example Yaler uses ReverseHttp on Arduinos), but also present various advantages.

Thanks and congrats to both!

http://blog.yaler.net/2011-11-09/programming-your-home.html2011-11-09T00:00:00Z2011-11-09T00:00:00ZProgramming Your Home

As big fans of the DIY movement's bottom-up approach to building the Internet of Things, we're glad to see that Yaler is mentioned in Mike Riley's forthcoming book published by the Pragmatic Programmers, Programming Your Home:

The projects in this book should work perfectly fine in a home local area network. However, obtaining sensor data outside of this local network is a challenge. How do you check on the status of something like a real-time temperature reading without going through the hassles of opening and forwarding ports on your router (not to mention the potential security risks that entails)?

Fortunately, several companies have begun to aggressively offer platforms accessible via simple web service API’s to help overcome these hassles. Three of these gaining momentum are Pachube, Exosite, and Yaler. Configuring and consuming their services is a fairly straight-forward process. I encourage you to visit these sites to learn more about how to incorporate their messaging capabilities into your own projects.

To host a service on Amazon's EC2, you need an Amazon Machine Image (AMI). Either you create your own, or you simply pick one from the list of pre-configured images. In the past, our Yaler instances were hosted on the popular Alestic images, i.e. on the AMI of a third party provider. But lately Amazon announced the general availability of their own Amazon Linux AMI, which is

designed to provide a stable, secure, and high performance execution environment for applications running on Amazon EC2.

A core advantage in our case is the pre-installed Java runtime. The small footprint of the image is also a benefit, as by minimizing the number of non-critical packages you reduce exposure to potential security vulnerabilities. So we swiftly updated our automated deployment scripts to use the Amazon Linux AMI. The scripts allow us to start an entire new cluster in less than three minutes and lets us provide you with a truly flexible service.

http://blog.yaler.net/2011-10-20/yaler-on-twitter.html2011-10-20T00:00:00Z2011-10-20T00:00:00ZYaler On Twitter

Yaler is now finally on Twitter, as @yaler. The name was unused but taken, so we had to enforce our trademark. Anyway – we'll use the account to keep you updated on the Yaler project and company and as an additional channel to communicate the status of our hosted service in the case of an unexpected outage.

Yaler™ is now an international trademark registered in the EU and US (WIPO No. 1085720 based on Swissreg No. 599392). This helps our customers to be sure they get the original and allows us to protect our intellectual property.

Yaler is a simple, open and scalable relay infrastructure enabling secure Web access to embedded systems behind a firewall or NAT. We started developing Yaler in late 2008 at Oberon microsystems and introduced it to the public at WoT 2010, the first international workshop on the Web of Things. Since then, Yaler has been released for non-commercial use with full source at http://yaler.org/.

From developing a Yaler-based product for an enterprise customer we learned that adding an Internet connection to a device can be disruptive for the company producing it. Web-enabling a device means that the device is now a representation of a service. And users judge the end-to-end experience rather than the individual device. If a device cannot be accessed, it simply does not work. This holds for the final product as much as for the first field trial. Therefore, providing a service with high availability becomes a core requirement from day one.

To help our customers face the challenge of providing a service that just works, we founded Yaler GmbH, spin-off number two of Oberon microsystems. The new company now owns and develops Yaler. And Yaler GmbH offers Yaler as an easy-to-integrate, hosted, pay-per-use service together with premium enterprise support. For inquiries, please contact me (tamberg@yaler.net) or visit http://yaler.net/.